<?php

require_once('functions/pageLoad.php');
// Gate the page first; loginRequired() comes from the project's page-load helpers.
loginRequired();

// The session entry is split on "_" and only its leading segment is kept as the user id.
// NOTE(review): this id is concatenated into SQL text further down the script, so it
// should only ever be written server-side. Confirm where $_SESSION['user'] is set.
$user_session = explode('_', $_SESSION['user']);
list($user_id) = $user_session;
$page_title = "Buy SMS";

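if($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['sms']) && is_string($_POST['sms'])){

	// Purchase handler: looks up the chosen package, records a pending payment row,
	// posts a shopping cart to Google Checkout and redirects the browser to the
	// checkout URL that Google returns.
	// A non-string "sms" field (e.g. sms[]=...) is ignored and the listing renders instead.

	// The package id comes from the browser; it is escaped and quoted before use.
	$sql = "SELECT sms, price FROM sms_packages WHERE id = '".mysql_real_escape_string($_POST['sms'])."'";
	$query = mysql_query($sql);
	if($query === false){
		// Log server-side only: echoing the SQL text and driver error discloses schema details.
		error_log('buy-sms: package lookup failed: '.mysql_error());
		die('Sorry, something went wrong. Please try again later.');
	}
	$rs = mysql_fetch_assoc($query);
	if(!$rs){
		// Unknown package id: do not record a payment with an empty amount.
		header('Location: /buy-sms');
		exit;
	}

	// The user id originates from the session but is still escaped before it reaches SQL.
	$sql = "SELECT id FROM tradesman WHERE user_id = '".mysql_real_escape_string($user_id)."'";
	$query = mysql_query($sql);
	if($query === false){
		error_log('buy-sms: tradesman lookup failed: '.mysql_error());
		die('Sorry, something went wrong. Please try again later.');
	}
	$tradesman_rs = mysql_fetch_assoc($query);
	// NOTE(review): a user without a tradesman row still gets a payment with an empty
	// tradesman_id, as before. Confirm whether such users should be allowed to buy at all.
	$tradesman_id = $tradesman_rs ? $tradesman_rs['id'] : '';

	// NOTE(review): this token is derived from the user id, the current second and a static
	// salt, so its secrecy rests entirely on $encryption_salt (presumably set by the page-load
	// include). It appears in the complete-purchase link, so a CSPRNG-generated token
	// (openssl_random_pseudo_bytes(), or random_bytes() on PHP 7+) would be safer, and the
	// completion page should verify the payment state rather than trust the token alone.
	// time() replaces the argument-less mktime(), which returns the same value but raises E_STRICT.
	$purchase_token = md5($user_id.'_'.time().'_'.$encryption_salt);

	$sql = "INSERT INTO payments (user_id, tradesman_id, payment_type, amount, ip_address, token) VALUES ('".mysql_real_escape_string($user_id)."', '".mysql_real_escape_string($tradesman_id)."', '3', '".mysql_real_escape_string($rs['price'])."', '".mysql_real_escape_string($_SERVER['REMOTE_ADDR'])."', '".$purchase_token."')";
	$query = mysql_query($sql);
	if($query === false){
		error_log('buy-sms: payment insert failed: '.mysql_error());
		die('Sorry, something went wrong. Please try again later.');
	}

	// Database values are escaped for the XML context; the token is hex and needs no escaping.
	$xml_sms = htmlspecialchars($rs['sms'], ENT_QUOTES, 'UTF-8');
	$xml_price = htmlspecialchars($rs['price'], ENT_QUOTES, 'UTF-8');

$checkout_data = '<?xml version="1.0" encoding="UTF-8"?>
<checkout-shopping-cart xmlns="http://checkout.google.com/schema/2">
  <shopping-cart>
    <items>
      <item>
        <item-name>'.$xml_sms.' SMS package</item-name>
        <item-description>I Want A Tradesman SMS Package</item-description>
        <unit-price currency="GBP">'.$xml_price.'</unit-price>
        <quantity>1</quantity>
	<digital-content>
	<description>To complete your purchase click the link below.</description>
	<url>http://www.iwantatradesman.co.uk/complete-purchase?token='.$purchase_token.'</url>
	</digital-content>
      </item>
    </items>
  </shopping-cart>
  <checkout-flow-support>
    <merchant-checkout-flow-support/>
  </checkout-flow-support>
</checkout-shopping-cart>';

	$merchant_id = $settings['google_merchant_id'];
	$merchant_key = $settings['google_merchant_key'];
	$merchant_encrypt = base64_encode($merchant_id.':'.$merchant_key);

	$url = "https://checkout.google.com/api/checkout/v2/merchantCheckout/Merchant/".$merchant_id;

	$header_arr = array("Authorization: Basic ".$merchant_encrypt, "Content-Type: application/xml;charset=UTF-8", "Accept: application/xml;charset=UTF-8");

	$ch = curl_init();
	curl_setopt($ch, CURLOPT_URL, $url);
	curl_setopt($ch, CURLOPT_HTTPHEADER, $header_arr);
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
	curl_setopt($ch, CURLOPT_TIMEOUT, 20);
	curl_setopt($ch, CURLOPT_POSTFIELDS, $checkout_data);
	curl_setopt($ch, CURLOPT_POST, 1);
	// The request carries the merchant key in Basic auth, so certificate and host-name
	// verification are set explicitly instead of relying on build or ini defaults.
	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
	curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
	$result = curl_exec($ch);
	$curl_error = curl_error($ch);
	curl_close($ch);

	// Parse defensively: a transport failure or an error document must not end in a
	// fatal error or an empty Location header.
	$redirect_url = '';
	if(is_string($result) && $result !== ''){
		$previous_libxml = libxml_use_internal_errors(true);
		$objDOM = new DOMDocument();
		// LIBXML_NONET keeps the parser from fetching anything over the network.
		if($objDOM->loadXML($result, LIBXML_NONET)){
			$redirect_url_arr = $objDOM->getElementsByTagName("redirect-url");
			if($redirect_url_arr->length > 0){
				$redirect_url = trim($redirect_url_arr->item(0)->nodeValue);
			}
		}
		libxml_clear_errors();
		libxml_use_internal_errors($previous_libxml);
	}

	// Only follow an https URL taken from the response.
	if($redirect_url === '' || strpos($redirect_url, 'https://') !== 0){
		error_log('buy-sms: checkout request failed: '.$curl_error);
		die('Sorry, we could not start the checkout. Please try again later.');
	}

	header("Location: ".$redirect_url);
	// Stop here so the listing below is not rendered behind the redirect.
	exit;

}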

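	// Build the package listing: one small form per package, posting its id back to this page.
	$sql = "SELECT id, sms, price FROM sms_packages ORDER BY sms";
	$query = mysql_query($sql);
	if($query === false){
		// Log server-side only; driver errors are not shown to the visitor.
		error_log('buy-sms: package listing failed: '.mysql_error());
		die('Sorry, something went wrong. Please try again later.');
	}

	$i = 1;
	// Initialised so an empty table does not leave the variable undefined when the page is assembled.
	$sms_content = '';

	while($rs=mysql_fetch_assoc($query)){

	// A package with no messages cannot be priced per message; skip it rather than divide by zero.
	if($rs['sms'] <= 0){
		continue;
	}

	$per_txt = ($rs['price'] * 100) / $rs['sms'];

	// Every fourth tile closes a row and drops its right border and margin.
	$style = ($i % 4 === 0) ? ' style="border-right: none; margin-right: 0px;"' : '' ;

	// Database values are HTML-escaped before being placed in markup and attributes.
	$sms_html = htmlspecialchars($rs['sms'], ENT_QUOTES, 'UTF-8');
	$price_html = htmlspecialchars($rs['price'], ENT_QUOTES, 'UTF-8');
	$id_html = htmlspecialchars($rs['id'], ENT_QUOTES, 'UTF-8');

	$sms_content.='<div class="sms_package"'.$style.'>
	<form method="post" action="/buy-sms">
	<h1>'.$sms_html.' SMS</h1>
	<p><strong>'.$per_txt.'p per message</strong></p>
	<h2>&pound;'.$price_html.'</h2>
	<input type="hidden" name="sms" value="'.$id_html.'" />
	<input type="image" src="/images/buy_sms.gif" alt="Buy SMS" />
	</form>
	</div>';

	$i++;

	}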

// Page body: an introductory paragraph, the package tiles built above, then a divider.
// $sms_content is inserted as ready-made HTML.
$content = <<<HTML
<p>To purchase SMS for notifications, select your package below and click purchase to be forwarded to Google Checkout for payment. Your SMS will be updated immediately upon confirmation of payment.</p>
{$sms_content}<div class="divider"><hr /></div>
HTML;

// Shared page templates, included in order ahead of the page body (project files not shown here).
include('includes/meta.php');
include('includes/header.php');
include('includes/navigation.php');

?>

<h1>Buy SMS</h1>

<?php /* $content is pre-built HTML and is echoed as-is, so values must be escaped where it is assembled. */ echo $content; ?>

<?php 

// Closing templates: right-hand column, then the footer.
include('includes/rightColumn.php');
include('includes/footer.php');

?>